Study finds big hos­pi­tals at greater risk of data breach

Baltimore Sun Sunday - - NEWS -

Large health care providers and teach­ing hos­pi­tals face a greater risk of hav­ing their med­i­cal records com­pro­mised by hack­ers, re­searchers say in a new study pub­lished in the Jour­nal of the Amer­i­can Med­i­cal As­so­ci­a­tion.

The re­searchers, in­clud­ing Ge Bai, an as­sis­tant pro­fes­sor at the Johns Hop­kins Carey Busi­ness School, re­viewed nearly 1,800 data breaches re­ported in the past seven years and found that vul­ner­a­bil­i­ties in­crease with the size of a hos­pi­tal.

“A fun­da­men­tal trade-off ex­ists,” they wrote. “Broad ac­cess to health in­for­ma­tion — es­sen­tial for hos­pi­tals’ qual­ity im­prove­ment ef­forts and re­search and ed­u­ca­tion needs — in­evitably in­creases risks for data breaches.”

The study comes one year af­ter hack­ers crip­pled the net­works of MedS­tar Health, en­crypted the records of hos­pi­tal across its sys­tem, and held the in­for­ma­tion for ran­som. Fed­eral law re­quires hos­pi­tals to re­port breaches af­fect­ing at least 500 peo­ple. A data­base lists nearly 40 breaches against Mary­land hos­pi­tals and providers since 2010.

More than 1,300 peo­ple were af­fected in a Jan­uary breach of Univer­sity of Mary­land Orthopaedics As­so­ciates.

Some­one ac­cessed the net­work server of Bon Se­cours Health Sys­tem in Au­gust, putting the med­i­cal records of more than 650,000 peo­ple at risk.

And when ri­ots broke out af­ter the death of Fred­die Gray two years ago, van­dals looted a phar­macy in Penn North, steal­ing about 150 pre­scrip­tion bags with pa­tient names, ad­dresses and med­i­ca­tions.

Six months later, a lap­top with pa­tients’ names and records was stolen from a doc­tor at the Johns Hop­kins Hos­pi­tal, putting 571 peo­ple at risk.

“As the adop­tion of elec­tronic record and health in­for­ma­tion tech­nol­ogy rapidly ex­pands, hos­pi­tals and other health providers in­creas­ingly suf­fer from data breaches,” the re­searchers wrote.

Bai and two co-authors ex­am­ined the fed­eral data­base for their April 3 study. They found 257 breaches re­ported at 216 hos­pi­tals. Thirty-three of them were breached at least twice and many were ma­jor teach­ing hos­pi­tals.

Newspapers in English

Newspapers from USA

© PressReader. All rights reserved.